User_166471 (thread author), post #1
In the modern enterprise Windows environment we often encounter lots of obstacles, which try to detect and stop our sneaky tools and techniques. Endpoint protection agents (AV, IDS/IPS, EDR, etc.) are getting better and better at this, so this requires an extended effort in finding a way into the system and staying undetected during post-exploitation activities.
This course will guide you through modern detection technology and teach you how to try to avoid it. This means understanding how the technology works and developing certain capabilities to stay under the radar.
You will receive a virtual machine with a complete environment for developing and testing your software, and a set of source code templates which will allow you to focus on understanding the essential mechanisms instead of less important technical aspects of implementation.
COURSE IN A NUTSHELL
- What modern detection looks like
- How to get rid of a process's internal operations monitoring
- How to make your payload look benign in memory
- How to break the process parent-child relation
- How to disrupt EPP/EDR logging
- What Sysmon is and how to bypass it

WHAT YOU GET
- Full-blown videos explaining all techniques in detail
- Transcription with English subtitles
- Text supplements with additional information (code snippets, structure definitions, technology description and context, etc.)
- Source code with code templates for rapid development
- VM image with ready-to-use development environment

REQUIREMENTS
- Recommended: taking the Malware Development Essentials and Malware Development Intermediate courses
- Solid experience with Windows OS
- Solid C/C++ programming knowledge
- Computer with min. 4 GB of RAM + 30 GB of free disk space
- VirtualBox 6.0+ installed
- Strong will to learn and having fun

WHO IS IT FOR
- Ethical Hackers
- Penetration Testers
- Blue Teamers
- Threat Hunters
- All security engineers/professionals wanting to learn advanced offensive tactics
